package com.work.example.demo5.config;

import java.util.List;

import com.work.example.demo5.filter.TokenFilter;
import com.work.example.demo5.handle.AuthenticationExceptionHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.CollectionUtils;


@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
    @Autowired
    private AuthenticationExceptionHandler authenticationExceptionHandler;
    @Autowired
    private TokenFilter tokenFilter;
    @Autowired
    private DemoConfiguration.Security security;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        List<String> permitAllPaths = security.getPermitAllPath();
        System.out.println(permitAllPaths);
// 配置不需要认证的请求(这里所有的路径可以写在配置文件上修改时就不用改代码)
        if (!CollectionUtils.isEmpty(permitAllPaths)) {
            permitAllPaths.forEach(path -> {
                try {
                    http.authorizeHttpRequests(
                            authorizationManagerRequestMatcherRegistry ->
                                authorizationManagerRequestMatcherRegistry.requestMatchers(path).permitAll());
                } catch (Exception e) {
                    e.printStackTrace();
                }
            });
        }
        http.csrf(csrf -> csrf.disable());
        http.cors(cors->cors.disable());
        http.sessionManagement(
                sessionManagement ->
                        sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
        http.authorizeHttpRequests(
                authorizationManagerRequestMatcherRegistry ->{
                    authorizationManagerRequestMatcherRegistry.anyRequest().authenticated();
                } );
        http.exceptionHandling(exceptionHandling -> exceptionHandling.authenticationEntryPoint(authenticationExceptionHandler));
        http.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }

    /**
     * 身份认证管理器，调用authenticate()方法完成认证
     */
    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }
    /**
     * 密码加密器
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

}